Microsoft reported Friday that it is still fighting to keep away Russian cyberspies who got high-level access late last year.In a blog post, the business stated hackers had accessed digital vaults containing program source code in recent weeks.
The cybersecurity industry and U.S. and U.K. government agencies have linked the hackers to Russia's SVR intelligence agency, which is like the NSA. The U.S. blames the SVR for the 2020 SolarWinds attack, one of the greatest and most successful government cyberespionage campaigns.
A spokeswoman for Russia's Ministry of Foreign Affairs did not respond quickly.A Microsoft spokesman declined to comment on how much sensitive data the hackers stole.
Microsoft is vital to U.S. Federal government systems and has some of the world's most advanced artificial intelligence research, thus the hacking campaign is noteworthy.
CrowdStrike's senior vice president for counteradversary operations, Adam Meyers, said Microsoft's valuable government data may be used by Russia to destabilize its targets.
Meyers noted that Microsoft possesses a lot of US and other government data. "If you think about the Russia angle, their goal is to drive a wedge in NATO, EU, and US to cause dissension and chaos and confusion," said.
Microsoft revealed November-starting hacking in January. Password spraying, a simple way of checking usernames and passwords, allowed hackers to access administratively powerful accounts.The hackers promptly accessed the email accounts of senior corporate leaders, legal teams, and SVR analysts, according to Microsoft.
Since then, the situation has worsened, the company stated. Microsoft reported that password spraying surged tenfold from February to March, and the hackers appear to have used what they learned to find further system vulnerabilities.
In an email, Eric Goldstein, a senior official at the U.S. Cybersecurity and Infrastructure Security Agency, said the agency “remains closely engaged with Microsoft to understand this intrusion campaign and provide all necessary assistance to impacted organizations, including Microsoft customers.”